Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
93s -
max time network
114s -
platform
windows10-2004_x64 -
resource
win10v2004-20240412-en -
resource tags
-
submitted
17/04/2024, 13:19
General
-
Target
31b6a608393ad6cadd7eadf286795aef37260c9b99e837f1d7a1aa4e9a7f901b.exe
-
Size
355KB
-
MD5
cf1d6b216e37745bf725a0b327f0045e
-
SHA1
3278b37ac35b877d3d5e9e1aff82d94bce532709
-
SHA256
31b6a608393ad6cadd7eadf286795aef37260c9b99e837f1d7a1aa4e9a7f901b
-
SHA512
70b4f8651efd28af344059d62886f38595a692c642b8ebf0a81a69bfa948c471d73b7b7888d4a91c97e0bbe0d44f819e3ffcdae06dccfa790c77503ec5b7130b
-
SSDEEP
6144:aR74gEBkjnu0zpAhr5lX8+CcpsUS5YKLFBVERB:a+gEBkjnXAhFlMSpBS5Htm
Malware Config
Extracted
lumma
https://cleartotalfisherwo.shop/api
https://worryfillvolcawoi.shop/api
https://enthusiasimtitleow.shop/api
https://dismissalcylinderhostw.shop/api
https://affordcharmcropwo.shop/api
https://diskretainvigorousiw.shop/api
https://communicationgenerwo.shop/api
https://pillowbrocccolipe.shop/api
Signatures
-
Lumma Stealer
An infostealer written in C++ first seen in August 2022.
-
Program crash 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\31b6a608393ad6cadd7eadf286795aef37260c9b99e837f1d7a1aa4e9a7f901b.exe"C:\Users\Admin\AppData\Local\Temp\31b6a608393ad6cadd7eadf286795aef37260c9b99e837f1d7a1aa4e9a7f901b.exe"1⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 1988 -s 10362⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 480 -p 1988 -ip 19881⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
1024KB
-
Filesize
296KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
41.3MB
-
Filesize
296KB